package com.system.shiro;

import javax.annotation.Resource;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;

import com.system.service.ISysStaffService;
import com.system.shiro.anthc.NoRoleException;
import com.system.vo.SysStaffVO;

public class MyRealm extends AuthorizingRealm {
	
	@Resource
	private ISysStaffService staffService;

	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
		Subject subject = SecurityUtils.getSubject();
		Session session = subject.getSession();
		SysStaffVO user = (SysStaffVO) session.getAttribute("user");
		
		SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
		authorizationInfo.setRoles(user.getRoles());
		return authorizationInfo;
	}

	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
		String staffName = (String) authcToken.getPrincipal();
		SysStaffVO staff = staffService.findAccountByName(staffName);
		if (staff == null) {
			throw new UnknownAccountException();// 没找到帐号
		}
		if(staff.getState()!=null &&staff.getState()==0){
			throw new LockedAccountException();
		}
		SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
				staff.getStaffId(), staff.getStaffPsw(), getName());
           this.clearCache(authenticationInfo.getPrincipals());//清除
   		String roleId = staffService.findRolesIdByStaffId(staff.getStaffId());
   		if (null == roleId){
   			System.out.println("用户：" + staffName + "没有系统相关角色");
   			throw new NoRoleException();
   		}
		return authenticationInfo;
	}

//	private final void setSession(Object key, Object value) {
//		Subject currentUser = SecurityUtils.getSubject();
//		if (null != currentUser) {
//			Session session = currentUser.getSession();
//			System.out
//					.println("Session默认超时时间为[" + session.getTimeout() + "]毫秒");
//			if (null != session) {
//				session.setAttribute(key, value);
//			}
//		}
//	}

	@Override
	public void clearCachedAuthorizationInfo(PrincipalCollection principals) {
		super.clearCachedAuthorizationInfo(principals);
	}

	@Override
	public void clearCachedAuthenticationInfo(PrincipalCollection principals) {
		super.clearCachedAuthenticationInfo(principals);
	}

	@Override
	public void clearCache(PrincipalCollection principals) {
		super.clearCache(principals);
	}

	public void clearAllCachedAuthorizationInfo() {
		getAuthorizationCache().clear();
	}

	public void clearAllCachedAuthenticationInfo() {
		getAuthenticationCache().clear();
	}

	public void clearAllCache() {
		clearAllCachedAuthenticationInfo();
		clearAllCachedAuthorizationInfo();
	}

}
